<?php if($site['id']){ ?>
	<h2>Profile</h2>
	<br /><br />
	<?php if(!$_POST['submit']){ ?>
	<form name="profile" action="<?php echo $o['root'].'/'.$site['siteurl'].'/profile.php';?>" method="post" >
		<div align="center" width="600" class="rounded_lightblue">
			<table>
				<tr><td class="inputlabel">First Name:</td><td><input type="text" name="firstname" size="20" value="<?php if($user['firstname'] && $user['firstname']!=''){echo urldecode($user['firstname']);} ?>" /></td></tr>
				<tr><td class="inputlabel">Last Name:</td><td><input type="text" name="lastname" size="20" value="<?php if($user['lastname'] && $user['lastname']!=''){echo urldecode($user['lastname']);} ?>" /></td></tr>
				<tr><td class="inputlabel">Email:</td><td><input type="text" name="email" size="30" value="<?php if($user['email'] && $user['email']!=''){echo urldecode($user['email']);} ?>" /></td></tr>
				<tr><td class="inputlabel">New Password:</td><td><input type="password" name="password" /></td></tr>
				<tr><td class="inputlabel">Confirm:</td><td><input type="password" name="confirmpassword"/></td></tr>
				<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Save" /></td></tr>
			</table>
		</div>
	</form>
<?php }else{
	echo '<div align="center" width="600" class="rounded_lightblue">';
	$firstname = trim($_POST['firstname']);
	//echo '<br />fn: '.$firstname;
	$lastname = trim($_POST['lastname']);
	//echo '<br />ln: '.$lastname;
	$email = trim($_POST['email']);
	//echo '<br />email: '.$email;
	$password = trim($_POST['password']);
	//echo '<br />pass: '.$password;
	$confirmpassword = trim($_POST['confirmpassword']);
	//echo '<br />confirm: '.$confirmpassword;
	//echo $email;
	if (isEmailValid($email)==TRUE){
						//continue to register this person
						if($_POST['firstname'] && $_POST['firstname']!=""){
							if($_POST['lastname'] && $_POST['lastname']!=""){
								//$authcode = createAuthCode($email);
								dbUpdate('users',array("firstname='$firstname'","lastname='$lastname'","email='$email'"),array("id=$userid"));
								echo 'Your profile has been saved.';
								goHome($thisroot);
							}else{
								//echo '<br />Please type your last name.';
							//goBack();	
							}
						}else{
							//echo '<br />Please type your first name.';
							//goBack();	
						}
		if($password && $password!=""){
			if($confirmpassword && $confirmpassword!=""){
				if($password == $confirmpassword){
					dbUpdate('users',array("password='$password'"),array("id=$userid"));
				}else{
					//password and confirm do not match
					echo '<br />The passwords do not match. ';
					goBack();	
				}
			}else{
				//no confirm typed
				echo '<br />You must type your password again in the confirm box. ';
				goBack();
			}
		}else{
			//no password typed
			//echo '<br />You must type a password and confirm it. ';
			//goBack();
		}
	}else{
		echo '<br />That is not a valid email address. ';
		goBack();	
	}
	echo '</div>'; 
} //END SUBMITTED
?>
<?php }else{'You cannot access this page, unless you go to the homepage first.';} ?>